From 73ba2286201fbcf2bfb9786f29d2758e6aa380c6 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Peter=20M=C3=BCller?= <peter.mueller@link38.eu>
Date: Wed, 11 Oct 2017 19:45:19 +0200
Subject: [PATCH] enable dual-stack ECDSA and RSA certificates in Apache
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Note: Apache crashes if any of these files does not exist. Thereof it
is necessary to generate missing keys on existing installations.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/httpd/vhosts.d/ipfire-interface-ssl.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/vhosts.d/ipfire-interface-ssl.conf
index 5a2f367a32..42f5939597 100644
--- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf
+++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf
@@ -13,6 +13,8 @@
     SSLHonorCipherOrder on
     SSLCertificateFile /etc/httpd/server.crt
     SSLCertificateKeyFile /etc/httpd/server.key
+    SSLCertificateFile /etc/httpd/server-ecdsa.crt
+    SSLCertificateKeyFile /etc/httpd/server-ecdsa.key
 
     <Directory /srv/web/ipfire/html>
         Options ExecCGI
-- 
2.39.2